Wireless Access

Occasional Contributor II

Source NAT Private Network

Hello all,


I am trying to get source-nating to work and I am having some issues.  I am doing this in a lab environment so the IP assignments aren't goint to be exactly like production as I don't have public IP assignments to play with.  I have two vlans configured on the controller:


Vlan 301 -

Vlan 7 - (guest network that connects to a FW with internet access)


The controller is handing out DHCP leases on VLAN 301 and I would like for those users to get source-nat'ed to  I have a NAT pool created like so "ip NAT pool corp-dev-srcnat" and a FW policy setup for users that connect to VLAN 301 that states "user any any  src-nat pool corp-dev-srcnat log".  Based off this I would think that all users that connect to VLAN 301 would get source-nat'ed to (which is looks like they do in the logs).  The problem is the user has zero connectivity.  Is there something I am missing in this type of setup?





Guru Elite

Re: Source NAT Private Network

Is there a route in your infrastructure back to

Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
Occasional Contributor II

Re: Source NAT Private Network

Thanks for the information - I will check into that.  Also I have a general question in regards to the NAT Pool configuration on the Aruba Controller.  In production VLAN 7 will actually be configured on the Aruba Controller as an access port with a public IP address associated with it, the other side will be connected to a FW that is connected to the internet.  I want to source NAT users in the /24 subnet so that they go out the VLAN 7 interface - would the ip address that i use be the one that's configured on the Aruba Controller?

Search Airheads
Showing results for 
Search instead for 
Did you mean: